f06ae070ed9635dd607ea2c9fe447a55_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f06ae070ed9635dd607ea2c9fe447a55_JaffaCakes118
Size

187KB
MD5

f06ae070ed9635dd607ea2c9fe447a55
SHA1

c56ceb157da4a67a03a5b9a8a26271e1a74d394f
SHA256

58a5bd484d0e4fe1d9808a5cacf146e0ad44e89eb614ada54842a46c816ca39f
SHA512

8b1a98ab4b784707f3eef5733ff26e805e5b9d31b05a0f40d8b955f906fd823d86a481880c31f377396b6a8e77168536082c0c784688d3635a47a44425c49314
SSDEEP

3072:FQk/YUEN670qPJHiE1ULDslSU4OP1QeUZqKytc6DXxDS8rGYHMnRoHAd5:KZfqiCU0lSe9QeUZdy26DXxITV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f06ae070ed9635dd607ea2c9fe447a55_JaffaCakes118

Files

f06ae070ed9635dd607ea2c9fe447a55_JaffaCakes118
.exe windows:4 windows x86 arch:x86

28234fb886689871ff060ece62d949b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmAssociateContext

kernel32

CreateProcessW
SetProcessPriorityBoost
GlobalAlloc
Sleep
WriteFile
GlobalLock
EnumResourceTypesA
DeleteCriticalSection
ReadFile
GetModuleFileNameW
CreateEventW
TerminateThread
CreateFileW
GetModuleHandleW
InterlockedDecrement
GlobalUnlock

ole32

GetHGlobalFromILockBytes
CoTaskMemFree
StringFromGUID2

Sections

.text
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 660B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ